Weak Authentication in Ghost Robotics Vision 60 by Ghost Robotics
CVE-2025-41110

7HIGH

Key Information:

Vendor: Ghost Robotics
Status: Vision 60
Vendor: CVE Published:; 22 October 2025

🔔 Create Ghost Robotics Vulnerability Alert

What is CVE-2025-41110?

An emerging security issue has been identified in the Ghost Robotics Vision 60, where encrypted WiFi credentials are embedded within the application. This flaw allows unauthorized users to connect to the robot’s WiFi network. Due to the lack of default authentication in the ROS 2 environment utilized by the robot, attackers can also access SSH controls, resulting in potential full command over the device. This vulnerability poses risks not only to the robot itself but could also lead to unintended physical interference with its surroundings.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Vision 60 0.27.2

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multip...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Oct 22, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

Adrián Campazas Vega

Claudia Álvarez Aparicio

JSON

Ghost Robotics

What is CVE-2025-41110?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.